#!/usr/bin/ruby

base = File.expand_path(File.join(File.dirname(__FILE__), ".."))
$LOAD_PATH << File.join(base, "lib")
$LOAD_PATH << File.join(base, "examples")

require 'active_ldap'
require 'objects/user'
require 'objects/group'

argv, opts, options = ActiveLdap::Command.parse_options do |opts, options|
  opts.banner += " USER_NAME"
end

if argv.size == 1
  name = argv.shift
else
  $stderr.puts opts
  exit 1
end

pwb = Proc.new do |user|
  user ||= ENV["USER"]
  ActiveLdap::Command.read_password("[#{user}] Password: ")
end
ActiveLdap::Base.setup_connection(:password_block => pwb,
                                  :allow_anonymous => false)

unless User.exists?(name)
  $stderr.puts("User #{name} doesn't exist.")
  exit 1
end

class PasswordMismatch < RuntimeError
end

user = User.find(name)
count = 0
begin
  count += 1
  pw1 = pwb.call(user.dn)
  pw2 = pwb.call(user.dn)
  raise PasswordMismatch if pw1 != pw2
rescue PasswordMismatch
  puts "Password mismatch!"
  exit 1 if count == 3
  retry
end

user.user_password = ActiveLdap::UserPassword.ssha(pw1)
unless user.save
  puts "failed"
  puts user.errors.full_messages
  exit 1
end
